[liberationtech] query
Jim Youll
jyoull at alum.mit.edu
Wed Nov 3 10:45:13 PDT 2010
Question to Ronald, provoked by Chris's answer:
Ronald, can you describe some of the resources / constraints of the site operators whose sites are under DOS attack?
Knowing this would shed light on the in/feasibility of the available options...
- What is their annual financial budget for operating the site or service?
- Is there a need to situate servers within some geographic region for routing purposes, e.g. to avoid broad national-border firewalls?
- Are there other (political, anonymity, financial, strategic) reasons that cloud hosting is not an option?
- What is the typical bandwidth available to the sites under attack? Kbps? Mbps?
I'm writing this as someone who's been through a pretty rough DDOS on a constrained circuit, facing possible loss of all Internet services because the attack pissed off an upstream provider to my (understanding) ISP. It was decided that my circuit was too much trouble to deal with, even though I was sinking traffic perfectly as I could as an end node, and so was my immediate-upstream ISP.
If we knew more about the characteristics of the attacked sites, we could think about properly-scaled responses, and maybe figure out there aren't always effective responses at the end as presently conceived, so some other strategy will be needed...
- jim
On Nov 3, 2010, at 10:35 AM, Chris Palmer wrote:
> On Nov 3, 2010, at 5:52 AM, Ronald Deibert wrote:
>
>> knows of a best practices document or website that offers guidance on a) protection, b) minimization of
>> damage and c) post-attack response that their webmaster can study?
>
> Cloud providers such as Google App Engine, Amazon AWS/S3, et alii can afford to protect against DDoS, and you definitely can't.
>
> The thing about DDoS is that it's the dumb way to DoS a site --- there are usually far more effective application-level DoS vulnerabilities available. Of course, that's little comfort if you're being targeted by DDoS, but the point is that if you make DDoS harder for attackers by moving your app/site into the cloud, they'll move up to app DoS.
>
> So, find ways to make the site more efficient in: database access, filesystem access, network I/O, and CPU time. Almost all sites can make significant improvements in these areas, with lots of juicy low-hanging fruit. Steve Souders' book (http://oreilly.com/catalog/9780596529307) is a good resource.
>
>
> --
> Chris Palmer
> Technology Director, Electronic Frontier Foundation
>